Password Authentication In The Network Environment, Theory And Technology Research

When a group of people wants to communicate securely over an open network, they need to run some conference-key protocol to establish a one-time conference key and then encrypt their communications with the key in order to communicate securely. The article proposes a provably secure fault-tolerant conference-key agreement protocol under the authenticated broadcast channel model. There are two attacks on the protocol: one is the active attack in which a malicious participant tries to disrupt establishment of a common conference key among the honest participants; the other is the passive attack, namely, an eavesdropper tries to learn the one-time common conference key by listening to the public information broadcasted by the participants during the execution of protocol. The author shows that the honest participants can agree on a common conference key and exclude the malicious persons from the conference no matter how many participants are malicious (security against active attack). Moreover, we also prove that a passive adversary gets no information about the one-time conference key established by the honest participants under the assumption of a reasonable variant Diffie-Hellman decision problem.